Live-Hack-CVE/CVE-2022-42263 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an Integer overflow may lead to denial of service or information disclosure. CVE project by @Sn0wAlice Create: 2023-01-12 06:11:52 +0000 UTC Push: 2023-01-12 06:11:55 +0000 UTC |

Live-Hack-CVE/CVE-2022-42264 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service. CVE project by @Sn0wAlice Create: 2023-01-12 06:11:47 +0000 UTC Push: 2023-01-12 06:11:50 +0000 UTC |

Live-Hack-CVE/CVE-2022-47087 GPAC MP4box 2.1-DEV-rev574-g9d5bb184b has a Buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c CVE project by @Sn0wAlice Create: 2023-01-12 06:11:35 +0000 UTC Push: 2023-01-12 06:11:38 +0000 UTC |

emotest1/cve_2023_0110 Create: 2023-01-12 05:35:02 +0000 UTC Push: 2023-01-12 05:35:03 +0000 UTC |

Live-Hack-CVE/CVE-2022-4457 Due to a misconfiguration in the manifest file of the WARP client for Android, it was possible to a perform a task hijacking attack. An attacker could create a malicious mobile application which could hijack legitimate app and steal potentially sensitive information when installed on the victim's device. CVE project by @Sn0wAlice Create: 2023-01-12 04:00:40 +0000 UTC Push: 2023-01-12 04:00:43 +0000 UTC |

Live-Hack-CVE/CVE-2022-4428 support_uri parameter in the WARP client local settings file (mdm.xml) lacked proper validation which allowed for privilege escalation and launching an arbitrary executable on the local machine upon clicking on the "Send feedback" option. An attacker with access to the local file system could use a crafted XML config f CVE project by @Sn0wAlice Create: 2023-01-12 04:00:36 +0000 UTC Push: 2023-01-12 04:00:39 +0000 UTC |

Live-Hack-CVE/CVE-2022-40615 IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 236208. CVE project by @Sn0wAlice Create: 2023-01-12 04:00:32 +0000 UTC Push: 2023-01-12 04:00:35 +0000 UTC |

Live-Hack-CVE/CVE-2022-34335 IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.1 could allow an authenticated user to exhaust server resources which could lead to a denial of service. IBM X-Force ID: 229705. CVE project by @Sn0wAlice Create: 2023-01-12 04:00:27 +0000 UTC Push: 2023-01-12 04:00:30 +0000 UTC |

Live-Hack-CVE/CVE-2020-1631 A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform local file inclusion (LFI) or path traversal. Using this vulnerability, an attacker may CVE project by @Sn0wAlice Create: 2023-01-12 04:00:23 +0000 UTC Push: 2023-01-12 04:00:26 +0000 UTC |

Live-Hack-CVE/CVE-2022-44534 A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete sy CVE project by @Sn0wAlice Create: 2023-01-12 04:00:14 +0000 UTC Push: 2023-01-12 04:00:16 +0000 UTC |

Live-Hack-CVE/CVE-2022-44535 A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-based management interface allows remote low-privileged authenticated users to escalate their privileges to those of an administrative user. A successful exploit could allow an attacker to achieve administrative privilege on the web-management interfa CVE project by @Sn0wAlice Create: 2023-01-12 04:00:09 +0000 UTC Push: 2023-01-12 04:00:12 +0000 UTC |

Live-Hack-CVE/CVE-2022-4885 A vulnerability has been found in sviehb jefferson up to 0.3 and classified as critical. This vulnerability affects unknown code of the file src/scripts/jefferson. The manipulation leads to path traversal. The attack can be initiated remotely. Upgrading to version 0.4 is able to address this issue. The name of the patc CVE project by @Sn0wAlice Create: 2023-01-12 03:59:59 +0000 UTC Push: 2023-01-12 04:00:02 +0000 UTC |

Live-Hack-CVE/CVE-2020-36650 A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is able to address this issue. The name of the patch is 5108446c1e23960d65e8b973f1d9486f9f9dbd6c. It is recommended to upg CVE project by @Sn0wAlice Create: 2023-01-12 03:59:54 +0000 UTC Push: 2023-01-12 03:59:57 +0000 UTC |

Live-Hack-CVE/CVE-2022-47094 GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid CVE project by @Sn0wAlice Create: 2023-01-12 03:59:46 +0000 UTC Push: 2023-01-12 03:59:50 +0000 UTC |

Live-Hack-CVE/CVE-2022-47095 GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c CVE project by @Sn0wAlice Create: 2023-01-12 03:59:42 +0000 UTC Push: 2023-01-12 03:59:45 +0000 UTC |

Live-Hack-CVE/CVE-2023-22622 WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation guide nor the security gui CVE project by @Sn0wAlice Create: 2023-01-12 01:49:13 +0000 UTC Push: 2023-01-12 01:49:16 +0000 UTC |

Live-Hack-CVE/CVE-2022-43523 Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify s CVE project by @Sn0wAlice Create: 2023-01-12 01:49:08 +0000 UTC Push: 2023-01-12 01:49:11 +0000 UTC |

Live-Hack-CVE/CVE-2022-43527 Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victi CVE project by @Sn0wAlice Create: 2023-01-12 01:49:04 +0000 UTC Push: 2023-01-12 01:49:07 +0000 UTC |

Live-Hack-CVE/CVE-2022-43534 A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the Linux instance in Aruba ClearPass Policy Manager version(s): ClearPass Policy Ma CVE project by @Sn0wAlice Create: 2023-01-12 01:49:00 +0000 UTC Push: 2023-01-12 01:49:02 +0000 UTC |

Live-Hack-CVE/CVE-2022-43520 Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify s CVE project by @Sn0wAlice Create: 2023-01-12 01:48:55 +0000 UTC Push: 2023-01-12 01:48:59 +0000 UTC |